Getting Started

GitHub Runner

  1. Provision a Nitro Enclave machine on AWS.

  2. Configure the GitHub runner:

    1. Settings → Actions → Runners → New self-hosted runner

    2. Follow the instructions to configure the GitHub Runner

  3. Download the Software Build Attestation Image.

  4. Download the Attestation Build Tool.

GitHub Action

Create build_attestation.yml under the project's .github/workflows directory.

name: Software Build Attestation

on:
  release:
    types: [published]

jobs:
  build:  # job id is arbitrary
    permissions: write-all
    runs-on: [self-hosted]
    steps:
    - name: Checkout
      uses: actions/checkout@v2
    - name: Build
      run: |
        attestation-build-tool build -output release.tar -nitro ~/ata-build-rust-latest.eif
    - name: Release
      uses: softprops/action-gh-release@v1
      with:
        files: release.tar
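
A least-privilege variant of the workflow above, as an added example that is not the project's own configuration. It assumes nitro-cli and jq are installed on the runner; the job id, the commit SHAs and the expected PCR0 value are placeholders that the page does not supply.

```yaml
# Added example: hardened variant of build_attestation.yml (not the project's file).
name: Software Build Attestation

# Only release events start the job, so pull-request code from forks
# is never executed on the self-hosted enclave machine.
on:
  release:
    types: [published]

# Default the workflow token to read-only; grant write per job.
permissions:
  contents: read

jobs:
  build:  # job id is arbitrary
    # Uploading a release asset needs contents: write and nothing broader.
    permissions:
      contents: write
    runs-on: [self-hosted]
    steps:
    - name: Checkout
      # Pin actions to a full commit SHA; a tag such as v2 can be re-pointed.
      uses: actions/checkout@<full-commit-sha>  # placeholder
      with:
        # Do not leave the token in .git/config on a long-lived runner.
        persist-credentials: false
    - name: Verify enclave image
      env:
        # Placeholder: PCR0 of the build image, obtained out of band (assumption).
        EXPECTED_PCR0: <expected-pcr0-hex>
      run: |
        actual=$(nitro-cli describe-eif --eif-path ~/ata-build-rust-latest.eif | jq -r '.Measurements.PCR0')
        # Fail the job before building if the image measurement differs.
        test "$actual" = "$EXPECTED_PCR0"
    - name: Build
      run: |
        attestation-build-tool build -output release.tar -nitro ~/ata-build-rust-latest.eif
    - name: Release
      uses: softprops/action-gh-release@<full-commit-sha>  # placeholder
      with:
        files: release.tar
```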

Create the build.json file in the project.

{
	"language": "rust",
	"input": {
		"cmd": "./scripts/",
		"vendor": "./scripts/"
	},
	"output": {
		"files": [
		]
	}
}

Attestation Build Tool

The Attestation Build Tool is a compilation tool that runs on the Runner. It runs the Nitro Enclave, performs the compilation, and generates the Attestation Report. It can be downloaded here.

